int main() { int i,bytes,res; unsigned long ran; char m[RFS],ml[RFS],c[RFS],e[RFS],raw[100]; rsa_public_key pub; rsa_private_key priv; csprng RNG; octet M={0,sizeof(m),m}; octet ML={0,sizeof(ml),ml}; octet C={0,sizeof(c),c}; octet E={0,sizeof(e),e}; octet RAW={0,sizeof(raw),raw}; time((time_t *)&ran); RAW.len=100; /* fake random seed source */ RAW.val[0]=ran; RAW.val[1]=ran>>8; RAW.val[2]=ran>>16; RAW.val[3]=ran>>24; for (i=4;i<100;i++) RAW.val[i]=i; CREATE_CSPRNG(&RNG,&RAW); /* initialise strong RNG */ printf("Generating public/private key pair\n"); RSA_KEY_PAIR(&RNG,65537,&priv,&pub); printf("Encrypting test string\n"); OCT_jstring(&M,(char *)"Hello World\n"); OAEP_ENCODE(&M,&RNG,NULL,&E); /* OAEP encode message m to e */ RSA_ENCRYPT(&pub,&E,&C); /* encrypt encoded message */ printf("Ciphertext= "); OCT_output(&C); printf("Decrypting test string\n"); RSA_DECRYPT(&priv,&C,&ML); /* ... and then decrypt it */ OAEP_DECODE(NULL,&ML); /* decode it */ OCT_output_string(&ML); if (!OCT_comp(&M,&ML)) { printf("FAILURE RSA Encryption failed"); return 1; } OCT_clear(&M); OCT_clear(&ML); /* clean up afterwards */ OCT_clear(&C); OCT_clear(&RAW); OCT_clear(&E); KILL_CSPRNG(&RNG); RSA_PRIVATE_KEY_KILL(&priv); printf("SUCCESS\n"); return 0; }
int main(int argc,char **argv) { int i,ip,mlen,precompute; BOOL compress,dhaes,result; octet h,s,p,f,g,c,d,u,v,w,m,m1,tag,tag1; octet s0,s1,w0,w1,u0,u1,v0,v1,k1,k2,z,vz; octet z1,z2,f1,f2,f3,k; octet p1,p2,L2,C; octet raw; unsigned long ran; dl_domain dom; ecp_domain epdom; ec2_domain e2dom; if_public_key pub; if_private_key priv; csprng RNG; /* Crypto Strong RNG */ int res,bytes,bits; argc--; argv++; compress=FALSE; precompute=0; ip=0; while (ip<argc) { if (strcmp(argv[ip],"-c")==0) { compress=TRUE; ip++; continue; } if (strcmp(argv[ip],"-p")==0) { precompute=8; ip++; continue; } printf("Command line error\n"); exit(0); } time((time_t *)&ran); /* fake random seed source */ OCTET_INIT(&raw,100); raw.len=100; raw.val[0]=ran; raw.val[1]=ran>>8; raw.val[2]=ran>>16; raw.val[3]=ran>>24; for (i=4;i<100;i++) raw.val[i]=i+1; CREATE_CSPRNG(&RNG,&raw); /* initialise strong RNG */ OCTET_KILL(&raw); /* OCTET_INIT(&k,100); OCTET_JOIN_BYTE(0x0b,20,&k); OCTET_INIT(&m,100); OCTET_JOIN_STRING("Hi There",&m); OCTET_INIT(&d,100); if (!MAC1(&m,NULL,&k,20,SHA1,&d)) printf("failed\n"); OCTET_OUTPUT(&k); OCTET_OUTPUT(&m); OCTET_OUTPUT(&d); OCTET_KILL(&k); OCTET_KILL(&m); OCTET_KILL(&d); */ bytes=DL_DOMAIN_INIT(&dom,"common.dss",NULL,precompute); res=DL_DOMAIN_VALIDATE(NULL,&dom); if (res!=0) { printf("Domain parameters are invalid\n"); return 0; } OCTET_INIT(&s0,bytes); OCTET_INIT(&s1,bytes); OCTET_INIT(&w0,bytes); OCTET_INIT(&w1,bytes); DL_KEY_PAIR_GENERATE(NULL,&dom,&RNG,&s0,&w0); DL_KEY_PAIR_GENERATE(NULL,&dom,&RNG,&s1,&w1); OCTET_INIT(&z,bytes); OCTET_INIT(&z1,bytes); OCTET_INIT(&z2,bytes); DLSVDP_DH(NULL,&dom,&s0,&w1,&z); DLSVDP_DH(NULL,&dom,&s1,&w0,&z1); if (OCTET_COMPARE(&z,&z1)) printf("DLSVDP-DH - OK\n"); else { printf("*** DLSVDP-DH Failed\n"); return 0; } res=DLSVDP_DHC(NULL,&dom,&s1,&w0,TRUE,&z2); if (OCTET_COMPARE(&z,&z2)) printf("DLSVDP-DHC Compatibility Mode - OK\n"); else { printf("*** DLSVDP-DHC Compatibility Mode Failed\n"); return 0; } DLSVDP_DHC(NULL,&dom,&s0,&w1,FALSE,&z); DLSVDP_DHC(NULL,&dom,&s1,&w0,FALSE,&z1); if (OCTET_COMPARE(&z,&z1)) printf("DLSVDP-DHC - OK\n"); else { printf("*** DLSVDP-DHC Failed\n"); return 0; } OCTET_INIT(&u0,bytes); OCTET_INIT(&u1,bytes); OCTET_INIT(&v0,bytes); OCTET_INIT(&v1,bytes); DL_KEY_PAIR_GENERATE(NULL,&dom,&RNG,&u0,&v0); DL_KEY_PAIR_GENERATE(NULL,&dom,&RNG,&u1,&v1); DLSVDP_MQV(NULL,&dom,&s0,&u0,&v0,&w1,&v1,&z); DLSVDP_MQV(NULL,&dom,&s1,&u1,&v1,&w0,&v0,&z1); if (OCTET_COMPARE(&z,&z1)) printf("DLSVDP-MQV - OK\n"); else { printf("*** DLSVDP-MQV Failed\n"); return 0; } DLSVDP_MQVC(NULL,&dom,&s0,&u0,&v0,&w1,&v1,TRUE,&z2); if (OCTET_COMPARE(&z,&z2)) printf("DLSVDP-MQVC Compatibility Mode - OK\n"); else { printf("*** DLSVDP-MQVC Compatibility Mode Failed\n"); return 0; } DLSVDP_MQVC(NULL,&dom,&s0,&u0,&v0,&w1,&v1,FALSE,&z); DLSVDP_MQVC(NULL,&dom,&s0,&u0,&v0,&w1,&v1,FALSE,&z1); if (OCTET_COMPARE(&z,&z1)) printf("DLSVDP-MQVC - OK\n"); else { printf("*** DLSVDP-MQVC Failed\n"); return 0; } OCTET_INIT(&s,bytes); OCTET_INIT(&p,bytes); DL_KEY_PAIR_GENERATE(NULL,&dom,&RNG,&s,&p); res=DL_PUBLIC_KEY_VALIDATE(NULL,&dom,TRUE,&p); if (res!=0) { printf("DL Public Key is invalid!\n"); return 0; } OCTET_INIT(&f,bytes+1); OCTET_INIT(&c,bytes); OCTET_INIT(&d,bytes); OCTET_INIT(&f1,bytes); OCTET_INIT(&f2,bytes); f.len=16; /* fake a message */ for (i=0;i<16;i++) f.val[i]=i+1; /* make sure its less than group order */ /* because we will use the same message */ /* to test signature with message recovery */ OCTET_INIT(&k,16); k.len=16; for (i=0;i<16;i++) k.val[i]=1; /* fake an AES key */ res=AES_CBC_IV0_ENCRYPT(&k,&f,NULL,&f1,NULL); res=AES_CBC_IV0_DECRYPT(&k,&f1,NULL,&f2,NULL); if (OCTET_COMPARE(&f,&f2)) printf("AES Encrypt/Decrypt OK\n"); else { printf("*** AES Encrypt/Decrypt Failed\n"); return 0; } OCTET_KILL(&k); /* Test OAEP/EME1 encoding and decoding */ OCTET_INIT(&f3,128); res=EME1_ENCODE(&f,&RNG,1023,NULL,SHA256,&f3); res=EME1_DECODE(&f3,1023,NULL,SHA256,&f2); if (OCTET_COMPARE(&f,&f2)) printf("OAEP Encoding/Decoding - OK\n"); else { printf("*** OAEP Encoding/Decoding Failed\n"); return 0; } OCTET_KILL(&f2); OCTET_KILL(&f3); res=DLSP_DSA(NULL,&dom,&RNG,&s,&f,&c,&d); /* sign it */ res=DLVP_DSA(NULL,&dom,&p,&c,&d,&f); /* verify it */ if (res==0) printf("DL DSA Signature - OK\n"); else { printf("*** DL DSA Signature Failed\n"); return 0; } res=DLSP_NR(NULL,&dom,&RNG,&s,&f,&c,&d); /* sign it */ res=DLVP_NR(NULL,&dom,&p,&c,&d,&f1); if (OCTET_COMPARE(&f,&f1)) printf("DL NR Signature - OK\n"); else { printf("*** DL NR Signature Failed\n"); return 0; } OCTET_INIT(&u,bytes); OCTET_INIT(&v,bytes); res=DLPSP_NR2PV(NULL,&dom,&RNG,&u,&v); res=DLSP_NR2(NULL,&dom,&s,&u,&v,&f,&c,&d); res=DLVP_NR2(NULL,&dom,&p,&c,&d,&f1,&v1); if (OCTET_COMPARE(&f,&f1) && OCTET_COMPARE(&v,&v1)) printf("DL NR2 Signature - OK\n"); else { printf("*** DL NR2 Signature Failed\n"); return 0; } res=DLPSP_NR2PV(NULL,&dom,&RNG,&u,&v); res=DLSP_PV(NULL,&dom,&s,&u,&f,&d); res=DLVP_PV(NULL,&dom,&p,&f,&d,&v1); if (OCTET_COMPARE(&v,&v1)) printf("DL PV Signature - OK\n"); else { printf("*** DL PV Signature Failed\n"); return 0; } OCTET_KILL(&u); OCTET_KILL(&v); OCTET_KILL(&s0); OCTET_KILL(&s1); OCTET_KILL(&w0); OCTET_KILL(&w1); OCTET_KILL(&z); OCTET_KILL(&z1); OCTET_KILL(&z2); OCTET_KILL(&u0); OCTET_KILL(&u1); OCTET_KILL(&v0); OCTET_KILL(&v1); OCTET_KILL(&s); OCTET_KILL(&p); OCTET_KILL(&f); OCTET_KILL(&f1); OCTET_KILL(&c); OCTET_KILL(&d); DL_DOMAIN_KILL(&dom); /* Now test Elliptic Curves mod p */ bytes=ECP_DOMAIN_INIT(&epdom,"common.ecs",NULL,precompute); res=ECP_DOMAIN_VALIDATE(NULL,&epdom); if (res!=0) { printf("Domain parameters are invalid %d\n",res); return 0; } OCTET_INIT(&s0,bytes); OCTET_INIT(&s1,bytes); OCTET_INIT(&w0,2*bytes+1); OCTET_INIT(&w1,2*bytes+1); /* NOTE: these are EC points (x,y) */ /* hence the size of 2*bytes+1. However */ /* bytes+1 is OK if compression is used */ ECP_KEY_PAIR_GENERATE(NULL,&epdom,&RNG,&s0,compress,&w0); res=ECP_PUBLIC_KEY_VALIDATE(NULL,&epdom,TRUE,&w0); if (res!=0) { printf("ECP Public Key is invalid!\n"); return 0; } ECP_KEY_PAIR_GENERATE(NULL,&epdom,&RNG,&s1,compress,&w1); res=ECP_PUBLIC_KEY_VALIDATE(NULL,&epdom,TRUE,&w1); if (res!=0) { printf("ECP Public Key is invalid!\n"); return 0; } OCTET_INIT(&z,bytes); OCTET_INIT(&z1,bytes); OCTET_INIT(&z2,bytes); ECPSVDP_DH(NULL,&epdom,&s0,&w1,&z); ECPSVDP_DH(NULL,&epdom,&s1,&w0,&z1); if (OCTET_COMPARE(&z,&z1)) printf("ECPSVDP-DH - OK\n"); else { printf("*** ECPSVDP-DH Failed\n"); return 0; } ECPSVDP_DHC(NULL,&epdom,&s1,&w0,TRUE,&z2); if (OCTET_COMPARE(&z,&z2)) printf("ECPSVDP-DHC Compatibility Mode - OK\n"); else { printf("*** ECPSVDP-DHC Compatibility Mode Failed\n"); return 0; } ECPSVDP_DHC(NULL,&epdom,&s0,&w1,FALSE,&z); ECPSVDP_DHC(NULL,&epdom,&s1,&w0,FALSE,&z1); if (OCTET_COMPARE(&z,&z1)) printf("ECPSVDP-DHC - OK\n"); else { printf("*** ECPSVDP-DHC Failed\n"); return 0; } OCTET_INIT(&u0,bytes); OCTET_INIT(&u1,bytes); OCTET_INIT(&v0,2*bytes+1); OCTET_INIT(&v1,2*bytes+1); ECP_KEY_PAIR_GENERATE(NULL,&epdom,&RNG,&u0,compress,&v0); ECP_KEY_PAIR_GENERATE(NULL,&epdom,&RNG,&u1,compress,&v1); ECPSVDP_MQV(NULL,&epdom,&s0,&u0,&v0,&w1,&v1,&z); ECPSVDP_MQV(NULL,&epdom,&s1,&u1,&v1,&w0,&v0,&z1); if (OCTET_COMPARE(&z,&z1)) printf("ECPSVDP-MQV - OK\n"); else { printf("*** ECPSVDP-MQV Failed\n"); return 0; } ECPSVDP_MQVC(NULL,&epdom,&s0,&u0,&v0,&w1,&v1,TRUE,&z2); if (OCTET_COMPARE(&z,&z2)) printf("ECPSVDP_MQVC Compatibility Mode - OK\n"); else { printf("*** ECPSVDP_MQVC Compatibility Mode Failed\n"); return 0; } ECPSVDP_MQVC(NULL,&epdom,&s0,&u0,&v0,&w1,&v1,FALSE,&z); ECPSVDP_MQVC(NULL,&epdom,&s1,&u1,&v1,&w0,&v0,FALSE,&z1); if (OCTET_COMPARE(&z,&z1)) printf("ECPSVDP-MQVC - OK\n"); else { printf("*** ECPSVDP-MQVC Failed\n"); return 0; } OCTET_INIT(&s,bytes); OCTET_INIT(&w,2*bytes+1); ECP_KEY_PAIR_GENERATE(NULL,&epdom,&RNG,&s,compress,&w); res=ECP_PUBLIC_KEY_VALIDATE(NULL,&epdom,TRUE,&w); if (res!=0) { printf("ECP Public Key is invalid!\n"); return 0; } OCTET_INIT(&f,bytes); OCTET_INIT(&f1,bytes); OCTET_INIT(&c,bytes); OCTET_INIT(&d,bytes); f.len=16; /* fake a message */ for (i=0;i<16;i++) f.val[i]=i+1; /* make sure its less than group order */ res=ECPSP_DSA(NULL,&epdom,&RNG,&s,&f,&c,&d); res=ECPVP_DSA(NULL,&epdom,&w,&c,&d,&f); if (res==0) printf("ECP DSA Signature - OK\n"); else { printf("*** ECP DSA Signature Failed\n"); return 0; } res=ECPSP_NR(NULL,&epdom,&RNG,&s,&f,&c,&d); res=ECPVP_NR(NULL,&epdom,&w,&c,&d,&f1); if (OCTET_COMPARE(&f,&f1)) printf("ECP NR Signature - OK\n"); else { printf("*** ECP NR Signature Failed\n"); return 0; } OCTET_INIT(&u,bytes); OCTET_INIT(&v,bytes); res=ECPPSP_NR2PV(NULL,&epdom,&RNG,&u,&v); res=ECPSP_NR2(NULL,&epdom,&s,&u,&v,&f,&c,&d); res=ECPVP_NR2(NULL,&epdom,&w,&c,&d,&f1,&v1); if (OCTET_COMPARE(&f,&f1) && OCTET_COMPARE(&v,&v1)) printf("ECP NR2 Signature - OK\n"); else { printf("*** ECP NR2 Signature Failed\n"); return 0; } res=ECPPSP_NR2PV(NULL,&epdom,&RNG,&u,&v); res=ECPSP_PV(NULL,&epdom,&s,&u,&f,&d); res=ECPVP_PV(NULL,&epdom,&w,&f,&d,&v1); if (OCTET_COMPARE(&v,&v1)) printf("ECP PV Signature - OK\n"); else { printf("*** ECP PV Signature Failed\n"); return 0; } OCTET_KILL(&u); OCTET_KILL(&v); OCTET_KILL(&s0); OCTET_KILL(&s1); OCTET_KILL(&w0); OCTET_KILL(&w1); OCTET_KILL(&z); OCTET_KILL(&z1); OCTET_KILL(&z2); OCTET_KILL(&u0); OCTET_KILL(&u1); OCTET_KILL(&v0); OCTET_KILL(&v1); OCTET_KILL(&s); OCTET_KILL(&w); OCTET_KILL(&f); OCTET_KILL(&f1); OCTET_KILL(&c); OCTET_KILL(&d); ECP_DOMAIN_KILL(&epdom); /* Now test Elliptic Curves mod 2^m */ bytes=EC2_DOMAIN_INIT(&e2dom,"common2.ecs",NULL,precompute); res=EC2_DOMAIN_VALIDATE(NULL,&e2dom); if (res!=0) { printf("Domain parameters are invalid\n",res); return 0; } OCTET_INIT(&s0,bytes); OCTET_INIT(&s1,bytes); OCTET_INIT(&w0,2*bytes+1); OCTET_INIT(&w1,2*bytes+1); EC2_KEY_PAIR_GENERATE(NULL,&e2dom,&RNG,&s0,compress,&w0); EC2_KEY_PAIR_GENERATE(NULL,&e2dom,&RNG,&s1,compress,&w1); OCTET_INIT(&z,bytes); OCTET_INIT(&z1,bytes); OCTET_INIT(&z2,bytes); EC2SVDP_DH(NULL,&e2dom,&s0,&w1,&z); EC2SVDP_DH(NULL,&e2dom,&s1,&w0,&z1); if (OCTET_COMPARE(&z,&z1)) printf("EC2SVDP-DH - OK\n"); else { printf("*** EC2SVDP-DH Failed\n"); return 0; } EC2SVDP_DHC(NULL,&e2dom,&s1,&w0,TRUE,&z2); if (OCTET_COMPARE(&z,&z2)) printf("EC2SVDP-DHC Compatibility Mode - OK\n"); else { printf("*** EC2SVDP-DHC Compatibility Mode Failed\n"); return 0; } EC2SVDP_DHC(NULL,&e2dom,&s0,&w1,FALSE,&z); EC2SVDP_DHC(NULL,&e2dom,&s1,&w0,FALSE,&z1); if (OCTET_COMPARE(&z,&z1)) printf("EC2SVDP-DHC - OK\n"); else { printf("*** EC2SVDP-DHC Failed\n"); return 0; } OCTET_INIT(&u0,bytes); OCTET_INIT(&u1,bytes); OCTET_INIT(&v0,2*bytes+1); OCTET_INIT(&v1,2*bytes+1); EC2_KEY_PAIR_GENERATE(NULL,&e2dom,&RNG,&u0,compress,&v0); EC2_KEY_PAIR_GENERATE(NULL,&e2dom,&RNG,&u1,compress,&v1); EC2SVDP_MQV(NULL,&e2dom,&s0,&u0,&v0,&w1,&v1,&z); EC2SVDP_MQV(NULL,&e2dom,&s1,&u1,&v1,&w0,&v0,&z1); if (OCTET_COMPARE(&z,&z1)) printf("EC2SVDP-MQV - OK\n"); else { printf("*** EC2SVDP-MQV Failed\n"); return 0; } EC2SVDP_MQVC(NULL,&e2dom,&s0,&u0,&v0,&w1,&v1,TRUE,&z2); if (OCTET_COMPARE(&z,&z2)) printf("EC2SVDP_MQVC Compatibility Mode - OK\n"); else { printf("*** EC2SVDP_MQVC Compatibility Mode Failed\n"); return 0; } EC2SVDP_MQVC(NULL,&e2dom,&s0,&u0,&v0,&w1,&v1,FALSE,&z); EC2SVDP_MQVC(NULL,&e2dom,&s1,&u1,&v1,&w0,&v0,FALSE,&z1); if (OCTET_COMPARE(&z,&z1)) printf("EC2SVDP-MQVC - OK\n"); else { printf("*** EC2SVDP-MQVC Failed\n"); return 0; } OCTET_INIT(&s,bytes); OCTET_INIT(&w,2*bytes+1); EC2_KEY_PAIR_GENERATE(NULL,&e2dom,&RNG,&s,compress,&w); res=EC2_PUBLIC_KEY_VALIDATE(NULL,&e2dom,TRUE,&w); if (res!=0) { printf("EC2 Public Key is invalid!\n"); return 0; } OCTET_INIT(&f,bytes); OCTET_INIT(&f1,bytes); OCTET_INIT(&c,bytes); OCTET_INIT(&d,bytes); f.len=16; /* fake a message */ for (i=0;i<16;i++) f.val[i]=i+1; /* make sure its less than group order */ res=EC2SP_DSA(NULL,&e2dom,&RNG,&s,&f,&c,&d); res=EC2VP_DSA(NULL,&e2dom,&w,&c,&d,&f); if (res==0) printf("EC2 DSA Signature - OK\n"); else { printf("*** EC2 DSA Signature Failed\n"); return 0; } res=EC2SP_NR(NULL,&e2dom,&RNG,&s,&f,&c,&d); res=EC2VP_NR(NULL,&e2dom,&w,&c,&d,&f1); if (OCTET_COMPARE(&f,&f1)) printf("EC2 NR Signature - OK\n"); else { printf("*** EC2 NR Signature Failed\n"); return 0; } OCTET_INIT(&u,bytes); OCTET_INIT(&v,bytes); res=EC2PSP_NR2PV(NULL,&e2dom,&RNG,&u,&v); res=EC2SP_NR2(NULL,&e2dom,&s,&u,&v,&f,&c,&d); res=EC2VP_NR2(NULL,&e2dom,&w,&c,&d,&f1,&v1); if (OCTET_COMPARE(&f,&f1) && OCTET_COMPARE(&v,&v1)) printf("EC2 NR2 Signature - OK\n"); else { printf("*** EC2 NR2 Signature Failed\n"); return 0; } res=EC2PSP_NR2PV(NULL,&e2dom,&RNG,&u,&v); res=EC2SP_PV(NULL,&e2dom,&s,&u,&f,&d); res=EC2VP_PV(NULL,&e2dom,&w,&f,&d,&v1); if (OCTET_COMPARE(&v,&v1)) printf("EC2 PV Signature - OK\n"); else { printf("*** EC2 PV Signature Failed\n"); return 0; } OCTET_KILL(&u); OCTET_KILL(&v); OCTET_KILL(&s0); OCTET_KILL(&s1); OCTET_KILL(&w0); OCTET_KILL(&w1); OCTET_KILL(&z); OCTET_KILL(&z1); OCTET_KILL(&z2); OCTET_KILL(&u0); OCTET_KILL(&u1); OCTET_KILL(&v0); OCTET_KILL(&v1); OCTET_KILL(&s); OCTET_KILL(&w); OCTET_KILL(&f); OCTET_KILL(&f1); OCTET_KILL(&c); OCTET_KILL(&d); EC2_DOMAIN_KILL(&e2dom); printf("Generating 1024-bit RSA Key Pair....\n"); bytes=IF_KEY_PAIR(NULL,&RNG,1024,65537,&priv,&pub); OCTET_INIT(&f,bytes); OCTET_INIT(&f1,bytes); OCTET_INIT(&g,bytes); f.len=20; for (i=0;i<20;i++) f.val[i]=i+1; /* fake a message */ IFEP_RSA(NULL,&pub,&f,&g); IFDP_RSA(NULL,&priv,&g,&f1); if (OCTET_COMPARE(&f,&f1)) printf("RSA Encryption - OK\n"); else { printf("RSA Encryption Failed\n"); return 0; } OCTET_INIT(&s,bytes); OCTET_CLEAR(&f1); IFSP_RSA1(NULL,&priv,&f,&s); IFVP_RSA1(NULL,&pub,&s,&f1); if (OCTET_COMPARE(&f,&f1)) printf("RSA1 Signature - OK\n"); else { printf("RSA1 Signature Failed\n"); return 0; } f.len=20; for (i=0;i<20;i++) f.val[i]=i+1; /* fake a message */ f.val[19]=12; /* =12 mod 16 */ OCTET_CLEAR(&f1); IFSP_RSA2(NULL,&priv,&f,&s); IFVP_RSA2(NULL,&pub,&s,&f1); if (OCTET_COMPARE(&f,&f1)) printf("RSA2 Signature - OK\n"); else { printf("RSA2 Signature Failed\n"); return 0; } IF_PUBLIC_KEY_KILL(&pub); IF_PRIVATE_KEY_KILL(&priv); printf("Generating 1024-bit RW Key Pair....\n"); IF_KEY_PAIR(NULL,&RNG,1024,2,&priv,&pub); OCTET_CLEAR(&f1); IFSP_RW(NULL,&priv,&f,&s); IFVP_RW(NULL,&pub,&s,&f1); if (OCTET_COMPARE(&f,&f1)) printf("RW Signature - OK\n"); else { printf("RW Signature Failed\n"); return 0; } printf("\nP1363 IFSSA Signature\n"); OCTET_CLEAR(&g); g.len=20; for (i=0;i<20;i++) g.val[i]=i+1; printf("Message is \n"); OCTET_OUTPUT(&g); mlen=1023; if (!EMSA4_ENCODE(TRUE,SHA256,10,&RNG,mlen,&g,NULL,&f)) { printf("Failed to EMSA encode message\n"); return 0; } printf("Message Representative is\n"); OCTET_OUTPUT(&f); IFSP_RW(NULL,&priv,&f,&s); printf("Signature is\n"); OCTET_OUTPUT(&s); printf("Verification\n"); IFVP_RW(NULL,&pub,&s,&f1); printf("Message Representative is\n"); OCTET_OUTPUT(&f1); result=EMSA4_DECODE(TRUE,SHA256,10,mlen,&f1,&g,NULL); if (result && OCTET_COMPARE(&f,&f1)) printf("IFSSA Signature - OK\n"); else { printf("IFSSA Signature Failed\n"); return 0; } printf("\nP1363 IFSSR Signature with recovery\n"); OCTET_CLEAR(&g); g.len=20; for (i=0;i<20;i++) g.val[i]=i+1; printf("Message is \n"); OCTET_OUTPUT(&g); mlen=1023; EMSR3_ENCODE(FALSE,SHA256,10,&RNG,mlen,&g,NULL,NULL,&f); printf("Message Representative is\n"); OCTET_OUTPUT(&f); IFSP_RW(NULL,&priv,&f,&s); OCTET_CLEAR(&g); printf("Signature is\n"); OCTET_OUTPUT(&s); printf("Verification\n"); result=EMSR3_DECODE(FALSE,SHA256,10,1023,&f,NULL,NULL,&g); printf("Recovered message= \n"); OCTET_OUTPUT(&g); if (result) printf("IFSSR Signature with recovery - OK\n"); else { printf("IFSSR Signature with recovery Failed\n"); return 0; } IF_PUBLIC_KEY_KILL(&pub); IF_PRIVATE_KEY_KILL(&priv); OCTET_KILL(&f); OCTET_KILL(&f1); OCTET_KILL(&g); OCTET_KILL(&s); printf("\nP1363 DLSSR Signature with message recovery\n"); bytes=DL_DOMAIN_INIT(&dom,"common.dss",NULL,precompute); res=DL_DOMAIN_VALIDATE(NULL,&dom); if (res!=0) { printf("Domain parameters are invalid\n"); return 0; } OCTET_INIT(&s,bytes); OCTET_INIT(&w,bytes); OCTET_INIT(&u,bytes); OCTET_INIT(&v,bytes); OCTET_INIT(&v1,bytes); OCTET_INIT(&c,bytes); OCTET_INIT(&d,bytes); OCTET_INIT(&f,bytes); OCTET_INIT(&f1,bytes); OCTET_INIT(&m1,8); DL_KEY_PAIR_GENERATE(NULL,&dom,&RNG,&s,&w); res=DLPSP_NR2PV(NULL,&dom,&RNG,&u,&v); bits=dom.rbits-1; m1.len=8; for (i=0;i<8;i++) m1.val[i]=i+1; printf("recoverable message= "); OCTET_OUTPUT(&m1); result=EMSR1_ENCODE(FALSE,10,20,&m1,NULL,NULL,bits,SHA1,&v,&f); res=DLSP_NR2(NULL,&dom,&s,&u,&v,&f,&c,&d); OCTET_CLEAR(&m1); printf("Signature= \n"); OCTET_OUTPUT(&c); OCTET_OUTPUT(&d); res=DLVP_NR2(NULL,&dom,&w,&c,&d,&f1,&v1); result=EMSR1_DECODE(FALSE,10,20,&f,NULL,NULL,bits,SHA1,&v1,8,&m1); printf("recovered message= "); OCTET_OUTPUT(&m1); if (result) printf("DLSSR Signature with message recovery - OK\n"); else { printf("*** DLSSR Signature with message recovery Failed\n"); return 0; } OCTET_KILL(&s); OCTET_KILL(&w); OCTET_KILL(&u); OCTET_KILL(&v); OCTET_KILL(&v1); OCTET_KILL(&c); OCTET_KILL(&d); OCTET_KILL(&f); OCTET_KILL(&f1); OCTET_KILL(&m1); DL_DOMAIN_KILL(&dom); printf("\nP1363 DLSSR-PV Signature with message recovery\n"); bytes=DL_DOMAIN_INIT(&dom,"common.dss",NULL,precompute); res=DL_DOMAIN_VALIDATE(NULL,&dom); if (res!=0) { printf("Domain parameters are invalid\n"); return 0; } OCTET_INIT(&s,bytes); OCTET_INIT(&w,bytes); OCTET_INIT(&u,bytes); OCTET_INIT(&v,bytes); OCTET_INIT(&m,bytes); OCTET_INIT(&c,bytes); OCTET_INIT(&h,bytes); OCTET_INIT(&d,bytes); DL_KEY_PAIR_GENERATE(NULL,&dom,&RNG,&s,&w); res=DLPSP_NR2PV(NULL,&dom,&RNG,&u,&v); m.len=20; for (i=0;i<20;i++) m.val[i]=i+1; printf("recoverable message= "); OCTET_OUTPUT(&m); EMSR2_ENCODE(100,TRUE,SHA1,NULL,&m,&v,&c); HASH(SHA1,&c,&h); res=DLSP_PV(NULL,&dom,&s,&u,&h,&d); OCTET_CLEAR(&m); OCTET_CLEAR(&h); OCTET_CLEAR(&v); printf("Signature= \n"); OCTET_OUTPUT(&c); OCTET_OUTPUT(&d); HASH(SHA1,&c,&h); res=DLVP_PV(NULL,&dom,&w,&h,&d,&v); result=EMSR2_DECODE(100,TRUE,SHA1,NULL,&c,&v,&m); printf("recovered message= "); OCTET_OUTPUT(&m); if (result) printf("DLSSR-PV Signature with message recovery - OK\n"); else { printf("*** DLSSR-PV Signature with message recovery Failed\n"); return 0; } OCTET_KILL(&s); OCTET_KILL(&w); OCTET_KILL(&u); OCTET_KILL(&v); OCTET_KILL(&m); OCTET_KILL(&c); OCTET_KILL(&h); OCTET_KILL(&d); DL_DOMAIN_KILL(&dom); printf("\nP1363 ECIES Encryption/Decryption - DHAES mode\n"); dhaes=TRUE; /* Use DHAES mode */ bytes=ECP_DOMAIN_INIT(&epdom,"common.ecs",NULL,precompute); OCTET_INIT(&m,20); OCTET_INIT(&c,32); /* round up to block size */ OCTET_INIT(&k,32); OCTET_INIT(&s,bytes); OCTET_INIT(&u,bytes); OCTET_INIT(&v,2*bytes+1); OCTET_INIT(&w,2*bytes+1); OCTET_INIT(&m1,20); OCTET_INIT(&k1,16); OCTET_INIT(&k2,16); OCTET_INIT(&tag,12); OCTET_INIT(&tag1,12); OCTET_INIT(&z,bytes); OCTET_INIT(&vz,3*bytes+2); OCTET_INIT(&p1,30); OCTET_INIT(&p2,30); OCTET_INIT(&L2,8); OCTET_INIT(&C,300); OCTET_JOIN_STRING("Key Derivation Parameters",&p1); OCTET_JOIN_STRING("Encoding Parameters",&p2); ECP_KEY_PAIR_GENERATE(NULL,&epdom,&RNG,&u,compress,&v); /* one time key pair */ ECP_KEY_PAIR_GENERATE(NULL,&epdom,&RNG,&s,compress,&w); /* recipients key pair */ res=ECPSVDP_DH(NULL,&epdom,&u,&w,&z); if (dhaes) { OCTET_COPY(&v,&vz); OCTET_JOIN_OCTET(&z,&vz); } else OCTET_COPY(&z,&vz); res=KDF2(&vz,&p1,32,SHA1,&k); printf("Key is \n"); OCTET_OUTPUT(&k); k1.len=k2.len=16; for (i=0;i<16;i++) {k1.val[i]=k.val[i]; k2.val[i]=k.val[16+i];} printf("Encryption\n"); m.len=20; for (i=0;i<20;i++) m.val[i]=i+1; /* fake a message */ printf("Message is \n"); OCTET_OUTPUT(&m); res=AES_CBC_IV0_ENCRYPT(&k1,&m,NULL,&c,NULL); printf("Ciphertext is \n"); OCTET_OUTPUT(&c); if (dhaes) OCTET_JOIN_LONG((long)p2.len,8,&L2); OCTET_COPY(&c,&C); OCTET_JOIN_OCTET(&p2,&C); OCTET_JOIN_OCTET(&L2,&C); res=MAC1(&C,NULL,&k2,12,SHA256,&tag); printf("HMAC tag is \n"); OCTET_OUTPUT(&tag); /* Note that "two passes" are required, one to encrypt, one to calculate the MAC. */ /* Overall ciphertext is (v,c,tag) */ OCTET_CLEAR(&z); OCTET_CLEAR(&k); OCTET_CLEAR(&k1); OCTET_CLEAR(&k2); OCTET_CLEAR(&vz); OCTET_CLEAR(&C); OCTET_CLEAR(&L2); printf("Decryption\n"); res=ECPSVDP_DH(NULL,&epdom,&s,&v,&z); if (dhaes) { OCTET_COPY(&v,&vz); OCTET_JOIN_OCTET(&z,&vz); } else OCTET_COPY(&z,&vz); res=KDF2(&vz,&p1,32,SHA1,&k); k1.len=k2.len=16; for (i=0;i<16;i++) {k1.val[i]=k.val[i]; k2.val[i]=k.val[16+i];} res=AES_CBC_IV0_DECRYPT(&k1,&c,NULL,&m1,NULL); printf("Message is \n"); OCTET_OUTPUT(&m1); if (dhaes) OCTET_JOIN_LONG((long)p2.len,8,&L2); OCTET_COPY(&c,&C); OCTET_JOIN_OCTET(&p2,&C); OCTET_JOIN_OCTET(&L2,&C); res=MAC1(&C,NULL,&k2,12,SHA256,&tag1); printf("HMAC tag is \n"); OCTET_OUTPUT(&tag1); if (OCTET_COMPARE(&m,&m1) && OCTET_COMPARE(&tag,&tag1)) printf("ECIES Encryption/Decryption - OK\n"); else { printf("ECIES Encryption/Decryption Failed\n"); return 0; } OCTET_KILL(&tag); OCTET_KILL(&tag1); OCTET_KILL(&k1); OCTET_KILL(&k2); OCTET_KILL(&m); OCTET_KILL(&c); OCTET_KILL(&k); OCTET_KILL(&s); OCTET_KILL(&u); OCTET_KILL(&v); OCTET_KILL(&m1); OCTET_KILL(&w); OCTET_KILL(&p1); OCTET_KILL(&p2); OCTET_KILL(&L2); OCTET_KILL(&C); ECP_DOMAIN_KILL(&epdom); OCTET_KILL(&z); OCTET_KILL(&vz); KILL_CSPRNG(&RNG); return 0; }
int main() { int i,j=0,res; int result; unsigned long ran; char *pp="M0ng00se"; /* These octets are automatically protected against buffer overflow attacks */ /* Note salt must be big enough to include an appended word */ /* Note ECIES ciphertext C must be big enough to include at least 1 appended block */ /* Recall EFS is field size in bytes. So EFS=32 for 256-bit curve */ char s0[EGS],s1[EGS],w0[2*EFS+1],w1[2*EFS+1],z0[EFS],z1[EFS],raw[100],key[EAS],salt[32],pw[20],p1[30],p2[30],v[2*EFS+1],m[32],c[64],t[32],cs[EGS],ds[EGS]; octet S0={0,sizeof(s0),s0}; octet S1={0,sizeof(s1),s1}; octet W0={0,sizeof(w0),w0}; octet W1={0,sizeof(w1),w1}; octet Z0={0,sizeof(z0),z0}; octet Z1={0,sizeof(z1),z1}; octet RAW={0,sizeof(raw),raw}; octet KEY={0,sizeof(key),key}; octet SALT={0,sizeof(salt),salt}; octet PW={0,sizeof(pw),pw}; octet P1={0,sizeof(p1),p1}; octet P2={0,sizeof(p2),p2}; octet V={0,sizeof(v),v}; octet M={0,sizeof(m),m}; octet C={0,sizeof(c),c}; octet T={0,sizeof(t),t}; octet CS={0,sizeof(cs),cs}; octet DS={0,sizeof(ds),ds}; /* Crypto Strong RNG */ csprng RNG; time((time_t *)&ran); /* fake random seed source */ RAW.len=100; RAW.val[0]=ran; RAW.val[1]=ran>>8; RAW.val[2]=ran>>16; RAW.val[3]=ran>>24; for (i=0;i<100;i++) RAW.val[i]=i; /* initialise strong RNG */ CREATE_CSPRNG(&RNG,&RAW); SALT.len=8; for (i=0;i<8;i++) SALT.val[i]=i+1; // set Salt printf("Alice's Passphrase= %s\n",pp); OCT_empty(&PW); OCT_jstring(&PW,pp); // set Password from string /* private key S0 of size EGS bytes derived from Password and Salt */ PBKDF2(&PW,&SALT,1000,EGS,&S0); printf("Alices private key= 0x"); OCT_output(&S0); /* Generate Key pair S/W */ ECP_KEY_PAIR_GENERATE(NULL,&S0,&W0); res=ECP_PUBLIC_KEY_VALIDATE(1,&W0); if (res!=0) { printf("ECP Public Key is invalid!\n"); return 1; } printf("Alice's public key= 0x"); OCT_output(&W0); /* Random private key for other party */ ECP_KEY_PAIR_GENERATE(&RNG,&S1,&W1); res=ECP_PUBLIC_KEY_VALIDATE(1,&W1); if (res!=0) { printf("ECP Public Key is invalid!\n"); return 1; } printf("Servers private key= 0x"); OCT_output(&S1); printf("Servers public key= 0x"); OCT_output(&W1); /* Calculate common key using DH - IEEE 1363 method */ ECPSVDP_DH(&S0,&W1,&Z0); ECPSVDP_DH(&S1,&W0,&Z1); if (!OCT_comp(&Z0,&Z1)) { printf("*** ECPSVDP-DH Failed\n"); return 0; } KDF2(&Z0,NULL,EAS,&KEY); printf("Alice's DH Key= 0x"); OCT_output(&KEY); printf("Servers DH Key= 0x"); OCT_output(&KEY); printf("Testing ECIES\n"); P1.len=3; P1.val[0]=0x0; P1.val[1]=0x1; P1.val[2]=0x2; P2.len=4; P2.val[0]=0x0; P2.val[1]=0x1; P2.val[2]=0x2; P2.val[3]=0x3; M.len=17; for (i=0;i<=16;i++) M.val[i]=i; ECP_ECIES_ENCRYPT(&P1,&P2,&RNG,&W1,&M,12,&V,&C,&T); printf("Ciphertext= \n"); printf("V= 0x"); OCT_output(&V); printf("C= 0x"); OCT_output(&C); printf("T= 0x"); OCT_output(&T); if (!ECP_ECIES_DECRYPT(&P1,&P2,&V,&C,&T,&S1,&M)) { printf("*** ECIES Decryption Failed\n"); return 1; } else printf("Decryption succeeded\n"); printf("Message is 0x"); OCT_output(&M); printf("Testing ECDSA\n"); if (ECPSP_DSA(&RNG,&S0,&M,&CS,&DS)!=0) { printf("***ECDSA Signature Failed\n"); return 1; } printf("Signature C = 0x"); OCT_output(&CS); printf("Signature D = 0x"); OCT_output(&DS); if (ECPVP_DSA(&W0,&M,&CS,&DS)!=0) { printf("***ECDSA Verification Failed\n"); return 1; } else printf("ECDSA Signature/Verification succeeded %d\n",j); KILL_CSPRNG(&RNG); printf("SUCCESS\n"); return 0; }
int main(int argc,char **argv) { int i,res; BOOL result; char *pp="M0ng00se"; /* These octets are automatically protected against buffer overflow attacks */ /* Note salt must be big enough to include an appended word */ /* Note ECIES ciphertext C must be big enough to include at least 1 appended block */ /* Recall EFS is field size in bytes. So EFS=32 for 256-bit curve */ char s0[EGS],s1[EGS],w0[2*EFS+1],w1[2*EFS+1],z0[EFS],z1[EFS],raw[100],key[EAS],salt[32],pw[20],b64[4+((8*EFS+4)/3)],p1[30],p2[30],v[2*EFS+1],m[32],c[64],t[32],cs[EGS],ds[EGS]; octet S0={0,sizeof(s0),s0}; octet S1={0,sizeof(s1),s1}; octet W0={0,sizeof(w0),w0}; octet W1={0,sizeof(w1),w1}; octet Z0={0,sizeof(z0),z0}; octet Z1={0,sizeof(z1),z1}; octet RAW={0,sizeof(raw),raw}; octet KEY={0,sizeof(key),key}; octet SALT={0,sizeof(salt),salt}; octet PW={0,sizeof(pw),pw}; octet P1={0,sizeof(p1),p1}; octet P2={0,sizeof(p2),p2}; octet V={0,sizeof(v),v}; octet M={0,sizeof(m),m}; octet C={0,sizeof(c),c}; octet T={0,sizeof(t),t}; octet CS={0,sizeof(cs),cs}; octet DS={0,sizeof(ds),ds}; ecp_domain epdom; csprng RNG; /* Crypto Strong RNG */ RAW.len=100; /* fake random seed source */ for (i=0;i<100;i++) RAW.val[i]=i+1; CREATE_CSPRNG(&RNG,&RAW); /* initialise strong RNG */ SALT.len=8; for (i=0;i<8;i++) SALT.val[i]=i+1; // set Salt printf("Alice's Passphrase= %s\n",pp); OCTET_JOIN_STRING(pp,&PW); // set Password from string /* First set up Elliptic Curve from ROM data */ ECP_DOMAIN_INIT(&epdom,ecrom); /* private key S0 of size EGS bytes derived from Password and Salt */ PBKDF2(&PW,&SALT,1000,EGS,&S0); OCTET_TO_BASE64(&S0,b64); printf("Alices private key= %s\n",b64); /* Generate Key pair S/W */ ECP_KEY_PAIR_GENERATE(&epdom,NULL,&S0,&W0); res=ECP_PUBLIC_KEY_VALIDATE(&epdom,TRUE,&W0); if (res!=0) { printf("ECP Public Key is invalid!\n"); return 0; } OCTET_TO_BASE64(&W0,b64); printf("Alice's public key= %s\n",b64); OCTET_FROM_BASE64(b64,&W0); /* Random private key for other party */ S1.len=3; S1.val[0]=0x01; S1.val[1]=0x23; S1.val[2]=0x45; ECP_KEY_PAIR_GENERATE(&epdom,NULL,&S1,&W1); res=ECP_PUBLIC_KEY_VALIDATE(&epdom,TRUE,&W1); if (res!=0) { printf("ECP Public Key is invalid!\n"); return 0; } OCTET_TO_BASE64(&W1,b64); printf("Servers public key= %s\n",b64); OCTET_FROM_BASE64(b64,&W1); /* Calculate common key using DH - IEEE 1363 method */ ECPSVDP_DH(&epdom,&S0,&W1,&Z0); ECPSVDP_DH(&epdom,&S1,&W0,&Z1); if (!OCTET_COMPARE(&Z0,&Z1)) { printf("*** ECPSVDP-DH Failed\n"); return 0; } KDF1(&Z0,EAS,&KEY); printf("Alice's DH Key= "); for (i=0;i<EAS;i++) printf("%u ",KEY.val[i]&0xff); printf("\n"); printf("Servers DH Key= "); for (i=0;i<EAS;i++) printf("%u ",KEY.val[i]&0xff); printf("\n"); printf("Testing ECIES\n"); P1.len=3; P1.val[0]=0x0; P1.val[1]=0x1; P1.val[2]=0x2; P2.len=4; P2.val[0]=0x0; P2.val[1]=0x1; P2.val[2]=0x2; P2.val[3]=0x3; M.len=17; for (i=0;i<=16;i++) M.val[i]=i; /* fake a message */ ECP_ECIES_ENCRYPT(&epdom,&P1,&P2,&RNG,&W1,&M,12,&V,&C,&T); printf("Ciphertext= \n"); OCTET_TO_BASE64(&V,b64); printf("V= %s\n",b64); OCTET_FROM_BASE64(b64,&V); OCTET_TO_BASE64(&C,b64); printf("C= %s\n",b64); OCTET_FROM_BASE64(b64,&C); OCTET_TO_BASE64(&T,b64); printf("V= %s\n",b64); OCTET_FROM_BASE64(b64,&T); if (!ECP_ECIES_DECRYPT(&epdom,&P1,&P2,&V,&C,&T,&S1,&M)) { printf("*** ECIES Decryption Failed\n"); return 0; } else printf("Decryption succeeded\n"); printf("Message is "); OCTET_OUTPUT(&M); printf("Testing ECDSA\n"); if (ECPSP_DSA(&epdom,&RNG,&S0,&M,&CS,&DS)!=0) { printf("***ECDSA Signature Failed\n"); return 0; } OCTET_TO_BASE64(&CS,b64); printf("Signature C = %s\n",b64); OCTET_FROM_BASE64(b64,&CS); OCTET_TO_BASE64(&DS,b64); printf("Signature D = %s\n",b64); OCTET_FROM_BASE64(b64,&DS); if (ECPVP_DSA(&epdom,&W0,&M,&CS,&DS)!=0) { printf("***ECDSA Verification Failed\n"); return 0; } else printf("ECDSA Signature/Verification succeeded\n"); ECP_DOMAIN_KILL(&epdom); KILL_CSPRNG(&RNG); return 0; }